
Lead Cybersecurity Engineer
Rearc
full-time
Location Type: Remote
Location: United States
About the role
- Utilize NDR, EDR, real-time streaming, and SIEM technologies to develop robust threat detection capabilities.
- Build and optimize detection rules leveraging real-time data streaming to enhance detection accuracy.
- Design enrichment pipelines and automation workflows to enhance the precision of threat detections.
- Develop correlation logic and automated processes to create high-fidelity threat alerts.
- Build compliance and recoverability of customer Data Analytics solutions, including SOPs, data onboarding, normalization, enrichment, and system maintenance.
- Create automation playbooks for incident triage and response.
- Align detection content with customer-specific Use Case Frameworks and provide metrics on cybersecurity threats impacting their environment.
- Collaborate with customer cybersecurity teams to cover gaps and enhance enterprise posture.
- Support enterprise Cybersecurity, Information Technology (IT), and Operational Technology (OT) teams by providing dashboards and other data exploration tools.
- Stay continually aware of emerging cybersecurity threats and trends, adapting detection strategies as needed.
- Work closely with customer teams, including Cybersecurity Operations Center (CSOC), Operational Technology (OT), and Incident Response (IR) teams, to ensure detections are actionable and relevant.
- Provide feedback to improve the customer's security framework and overall security monitoring strategy.
Requirements
- 8+ years of experience in Cybersecurity with a focus on:
  - Log streaming
  - Cybersecurity data lakes and data warehousing
  - SOAR engineering
  - SIEM engineering, administration, architecture, and operations
  - Data science, statistical analysis, and threat detection development
  - Integrating disparate IT, OT, and business applications into SIEM systems
- Bachelor's degree in Management Information Systems, Computer Science, or a related field
- A strong passion for Cybersecurity and a commitment to staying current with industry trends, best practices, and tools
- Proven experience in documenting, socializing, and operationalizing Cybersecurity technologies and processes
- Prior programming experience in Python, SQL, and Apache Spark
- Solid understanding of common attack techniques and their practical applications
- Demonstrated ability to work effectively across multiple teams, building cross-functional relationships with individuals of varying technical expertise
- A self-starter with a proven ability to thrive in fast-paced environments
- Strong technical communication skills, both written and verbal
Benefits
- No specified benefits mentioned in the job description
Applicant Tracking System Keywords
Hard Skills & Tools
NDR, EDR, SIEM, data streaming, SOAR engineering, data lakes, data warehousing, Python, SQL, Apache Spark
Soft Skills
technical communication, collaboration, self-starter, cross-functional relationship building, adaptability, documentation, operationalization, passion for Cybersecurity, commitment to industry trends, problem-solving